diff --git a/include/Host.h b/include/Host.h index cda8b2a135..dde89e7606 100644 --- a/include/Host.h +++ b/include/Host.h @@ -257,7 +257,7 @@ class Host : public GenericHashEntry, public AlertableEntity { void lua_get_num_flows(lua_State* vm) const; void lua_get_num_contacts(lua_State* vm) const; void lua_get_num_http_hosts(lua_State*vm) const; - void lua_get_score(lua_State* vm) const; + void lua_get_score(lua_State* vm); void lua_get_score_breakdown(lua_State* vm); void lua_get_os(lua_State* vm); void lua_get_fingerprints(lua_State *vm); diff --git a/include/HostScore.h b/include/HostScore.h index 8d0905a828..b886fcc05b 100644 --- a/include/HostScore.h +++ b/include/HostScore.h @@ -25,21 +25,32 @@ class HostScore { private: u_int16_t cli_score[MAX_NUM_SCORE_CATEGORIES], srv_score[MAX_NUM_SCORE_CATEGORIES]; + u_int16_t last_min_dec; /* Account the number of decrements in the last minute */ + u_int32_t next_reset_decrement_time; + + u_int32_t sum(const bool as_client); + void lua_breakdown(lua_State *vm, bool as_client); - u_int32_t sumValues(const bool as_client) const; - void lua_breakdown(lua_State *vm, bool as_client) const; - + void inline checkDecrementReset(time_t when) { + if(when > next_reset_decrement_time) + last_min_dec = 0, next_reset_decrement_time = when+60; + } + public: HostScore(); - inline u_int32_t getValue() const { return getClientValue() + getServerValue(); }; - inline u_int32_t getClientValue() const { return sumValues(true /* as client */); }; - inline u_int32_t getServerValue() const { return sumValues(false /* as server */); }; - + inline u_int32_t get() { return(getClient() + getServer()); }; + inline u_int32_t getClient() { return(sum(true /* as client */)); }; + inline u_int32_t getServer() { return(sum(false /* as server */)); }; + inline u_int32_t getLastMinPeak(time_t when=0) { + if(when) checkDecrementReset(when); + return(last_min_dec+get()); + } + u_int16_t incValue(u_int16_t score, ScoreCategory score_category, bool as_client); - u_int16_t decValue(u_int16_t score, ScoreCategory score_category, bool as_client); + u_int16_t decValue(time_t when, u_int16_t score, ScoreCategory score_category, bool as_client); - void lua_breakdown(lua_State *vm) const; + void lua_breakdown(lua_State *vm); }; #endif diff --git a/scripts/locales/en.lua b/scripts/locales/en.lua index a8990a0cb6..e0726cbdf0 100644 --- a/scripts/locales/en.lua +++ b/scripts/locales/en.lua @@ -2735,8 +2735,8 @@ local lang = { ["manage_users"] = { ["add_new_user"] = "Add New User", ["administrator"] = "Administrator", - ["allow_pcap_download"] = "Allow PCAP Download", - ["allow_pcap_download_descr"] = "Allow the user to download live traffic and PCAPs", + ["allow_pcap_download"] = "Allow pcap Download", + ["allow_pcap_download_descr"] = "Allow the user to download live traffic and pcap's", ["allowed_interface"] = "Allowed Interface", ["allowed_networks"] = "Allowed Networks", ["allowed_networks_descr"] = "Comma separated list of networks this user can view. Example:", @@ -4401,7 +4401,7 @@ local lang = { ["storage_dir"] = "Storage Directory", ["storage_directory_config"] = "The Storage Directory path can be changed by specifing the %{option} option into the %{product} configuration file.", ["storage_utilization"] = "Storage Utilization", - ["storage_utilization_pcap"] = "PCAP Storage Utilization", + ["storage_utilization_pcap"] = "pcap Storage Utilization", ["traffic_extraction_jobs"] = "Traffic Extraction Jobs", ["traffic_extractions"] = "Extractions", ["traffic_on_disk"] = "Traffic On Disk", diff --git a/scripts/lua/host_details.lua b/scripts/lua/host_details.lua index bf10691f4a..6af8560e5c 100644 --- a/scripts/lua/host_details.lua +++ b/scripts/lua/host_details.lua @@ -127,9 +127,9 @@ local function scoreBreakdown(what) if(tot > 0) then score_category_network = (score_category_network*100)/tot score_category_security = 100 - score_category_network - - print('
'.. i18n("flow_details.score_category_network")) - print('
' .. i18n("flow_details.score_category_security") .. '
\n') + + print(''.. i18n("flow_details.score_category_network")) + print('' .. i18n("flow_details.score_category_security") .. '\n') else print(" ") end diff --git a/src/Flow.cpp b/src/Flow.cpp index 738637ad54..638f03c2a9 100644 --- a/src/Flow.cpp +++ b/src/Flow.cpp @@ -4441,8 +4441,8 @@ void Flow::postFlowSetIdle(const struct timeval *tv) { for(int i = 0; i < MAX_NUM_SCORE_CATEGORIES; i++) { ScoreCategory score_category = (ScoreCategory)i; - if(cli_host_score[score_category]) clis->decValue(cli_host_score[score_category], - score_category, true /* as client */); + if(cli_host_score[score_category]) + clis->decValue(tv->tv_sec, cli_host_score[score_category], score_category, true /* as client */); } } @@ -4450,8 +4450,8 @@ void Flow::postFlowSetIdle(const struct timeval *tv) { for(int i = 0; i < MAX_NUM_SCORE_CATEGORIES; i++) { ScoreCategory score_category = (ScoreCategory)i; - if(srv_host_score[score_category]) srvs->decValue(srv_host_score[score_category], - score_category, false /* as server */); + if(srv_host_score[score_category]) + srvs->decValue(tv->tv_sec, srv_host_score[score_category], score_category, false /* as server */); } } } @@ -5188,9 +5188,11 @@ bool Flow::setStatus(FlowStatus status, u_int16_t flow_inc, u_int16_t cli_inc, The actual increase is the one returned by the incValue function and it can be less thant the original increase (this is because the actual increase could have caused an overflow). */ + if(unsafeGetClient()) + cli_host_score[score_category] += unsafeGetClient()->getScore()->incValue(cli_inc, score_category, true /* as client */); - if(unsafeGetClient()) cli_host_score[score_category] += unsafeGetClient()->getScore()->incValue(cli_inc, score_category, true /* as client */); - if(unsafeGetServer()) srv_host_score[score_category] += unsafeGetServer()->getScore()->incValue(srv_inc, score_category, false /* as server*/); + if(unsafeGetServer()) + srv_host_score[score_category] += unsafeGetServer()->getScore()->incValue(srv_inc, score_category, false /* as server*/); if(!status_infos) status_infos = (StatusInfo*) calloc(BITMAP_NUM_BITS, sizeof(StatusInfo)); diff --git a/src/Host.cpp b/src/Host.cpp index 158e7cbe0b..efb79d8bbf 100644 --- a/src/Host.cpp +++ b/src/Host.cpp @@ -418,10 +418,12 @@ void Host::lua_get_host_pool(lua_State *vm) const { /* ***************************************************** */ -void Host::lua_get_score(lua_State *vm) const { - lua_push_uint64_table_entry(vm, "score", score.getValue()); - lua_push_uint64_table_entry(vm, "score.as_client", score.getClientValue()); - lua_push_uint64_table_entry(vm, "score.as_server", score.getServerValue()); +void Host::lua_get_score(lua_State *vm) { + lua_push_uint64_table_entry(vm, "score", score.get()); + lua_push_uint64_table_entry(vm, "score.as_client", score.getClient()); + lua_push_uint64_table_entry(vm, "score.as_server", score.getServer()); + lua_push_uint64_table_entry(vm, "score.total", score.get()); + lua_push_uint64_table_entry(vm, "score.total_last_min_peak", score.getLastMinPeak(iface->getTimeLastPktRcvd())); } /* ***************************************************** */ diff --git a/src/HostScore.cpp b/src/HostScore.cpp index 74787edeb6..bd09b963e5 100644 --- a/src/HostScore.cpp +++ b/src/HostScore.cpp @@ -26,11 +26,12 @@ HostScore::HostScore() { memset(&cli_score, 0, sizeof(cli_score)), memset(&srv_score, 0, sizeof(srv_score)); + last_min_dec = 0, next_reset_decrement_time = 0; } /* *************************************** */ -u_int32_t HostScore::sumValues(bool as_client) const { +u_int32_t HostScore::sum(bool as_client) { u_int32_t res = 0; const u_int16_t *src = as_client ? cli_score : srv_score; @@ -80,15 +81,19 @@ u_int16_t HostScore::incValue(u_int16_t score, ScoreCategory score_category, boo HostScore::decValue must be called from the same thread of HostScore::incValue to prevent races. */ -u_int16_t HostScore::decValue(u_int16_t score, ScoreCategory score_category, bool as_client) { +u_int16_t HostScore::decValue(time_t when, u_int16_t score, + ScoreCategory score_category, bool as_client) { u_int16_t *dst = as_client ? cli_score : srv_score; - if(score_category >= MAX_NUM_SCORE_CATEGORIES || score == 0) + if((score_category >= MAX_NUM_SCORE_CATEGORIES) + || (score == 0)) return 0; + checkDecrementReset(when); + if(dst[score_category] - score >= 0) /* Decrement leaves the destination consistent */ - dst[score_category] -= score; + dst[score_category] -= score, last_min_dec += score; else /* Something was wrong */ ntop->getTrace()->traceEvent(TRACE_ERROR, "Internal error. Decrement of host score yielding a negative number."); @@ -98,7 +103,7 @@ u_int16_t HostScore::decValue(u_int16_t score, ScoreCategory score_category, boo /* *************************************** */ -void HostScore::lua_breakdown(lua_State *vm, bool as_client) const { +void HostScore::lua_breakdown(lua_State *vm, bool as_client) { u_int32_t total = 0; const u_int16_t *src = as_client ? cli_score : srv_score; @@ -125,7 +130,7 @@ void HostScore::lua_breakdown(lua_State *vm, bool as_client) const { /* Outputs Lua tables for client and server per-category score breakdown. */ -void HostScore::lua_breakdown(lua_State *vm) const { +void HostScore::lua_breakdown(lua_State *vm) { lua_newtable(vm); lua_breakdown(vm, true /* as client */); diff --git a/src/NetworkInterface.cpp b/src/NetworkInterface.cpp index 67d1310acb..287fbb315f 100644 --- a/src/NetworkInterface.cpp +++ b/src/NetworkInterface.cpp @@ -3764,7 +3764,7 @@ static bool host_search_walker(GenericHashEntry *he, void *user_data, bool *matc case column_total_num_unreachable_flows_as_client: r->elems[r->actNumEntries++].numericValue = h->getTotalNumUnreachableOutgoingFlows(); break; case column_total_num_unreachable_flows_as_server: r->elems[r->actNumEntries++].numericValue = h->getTotalNumUnreachableIncomingFlows(); break; case column_total_alerts: r->elems[r->actNumEntries++].numericValue = h->getTotalAlerts(); break; - case column_score: r->elems[r->actNumEntries++].numericValue = h->getScore()->getValue(); break; + case column_score: r->elems[r->actNumEntries++].numericValue = h->getScore()->get(); break; default: ntop->getTrace()->traceEvent(TRACE_WARNING, "Internal error: column %d not handled", r->sorter);